Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: HbTWetFSUti+s5GfoHOxogfwx/6aTtyukJiaa+ny8Pc=
Subject key identifier: D0:2F:80:68:A8:6E:5B:71:58:57:F5:CB:F1:94:14:14:DC:4C:3B:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C47D663EAE0F345C532BB1D7201A1D992152F2D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Sat 31 May 2025 00:50:17 +0000
ROA not before: Sat 31 May 2025 00:50:17 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:47:d6:63:ea:e0:f3:45:c5:32:bb:1d:72:01:a1:d9:92:15:2f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:17 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=a2d576a67a7ea7f15e41a6ba6d82e2e21c1444804354eb4a1268facb4c7966d3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:67:f2:7b:ab:cb:9e:02:4d:f1:51:39:b7:aa:
73:c0:c9:96:9b:50:66:7f:26:83:d7:cc:4b:01:e1:
60:20:b5:6e:fc:39:ec:8b:64:20:cc:0f:fd:f6:b7:
eb:39:47:47:d0:5f:2f:68:c0:54:50:87:80:06:fc:
a6:d7:39:e9:31:5b:0f:91:ad:b3:fc:da:88:29:a8:
12:ba:7b:03:3f:da:bd:e0:2c:53:4d:ab:a1:c3:cc:
1a:1f:e7:97:35:5d:69:60:4c:bd:34:21:16:33:81:
51:07:76:38:9b:35:a1:5a:ec:12:e5:2a:ee:30:89:
fb:06:13:85:ed:00:2f:2c:d2:56:53:f5:e3:4f:2f:
ef:6e:eb:3f:a7:6f:28:cb:01:a6:64:a7:73:de:e3:
b2:72:38:88:44:59:3c:63:07:28:fe:c9:fd:da:a8:
97:d0:ce:ee:c5:3c:4f:f9:6d:f2:71:93:56:e3:86:
36:2d:5b:50:f9:83:84:ac:a0:97:6e:05:af:0a:7a:
12:c5:82:e3:51:92:7f:80:46:19:39:64:fa:b1:12:
bb:f5:af:c6:33:a3:85:f0:3f:f0:14:a2:6c:b4:32:
97:d6:b7:a2:de:e1:40:f7:03:7d:9f:b6:4f:b1:58:
9e:b7:ac:44:a5:ba:b1:b4:e5:e8:f0:71:60:39:43:
8e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2F:80:68:A8:6E:5B:71:58:57:F5:CB:F1:94:14:14:DC:4C:3B:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:a2:54:9f:c6:b7:c4:71:bf:cc:28:75:68:c1:c2:c8:ce:b0:
d4:25:0f:b7:43:42:6e:99:ea:70:37:ef:80:ed:97:93:d1:1b:
ec:a6:8e:f9:cb:ce:e6:6e:5f:06:c4:1a:76:8b:60:d8:b0:1c:
34:f7:28:50:cb:b1:21:99:34:72:62:d1:c6:72:02:12:e7:8e:
94:4c:2c:ac:5f:a1:2f:96:61:31:74:be:3c:a4:53:92:1c:f3:
79:a9:ab:d8:3c:4a:17:ab:cc:cd:95:3e:79:00:b7:a2:f9:9c:
94:6a:aa:c4:6d:d1:f8:d5:2c:cb:48:36:c8:ba:d3:84:f2:ad:
90:70:63:56:1b:b4:56:0d:a2:44:81:9d:93:20:74:4e:91:ec:
88:1f:34:d5:50:cb:c8:76:8c:bc:68:58:47:7d:2b:3f:71:79:
9e:34:ab:d9:0e:45:42:14:9e:0d:8d:24:be:c3:2b:9b:af:ba:
96:31:14:92:a4:4c:5a:c5:f0:d3:16:04:7d:bf:1e:c2:e1:30:
4e:74:ca:53:c3:cd:81:25:db:da:70:7e:88:4e:69:80:0e:3b:
a0:71:93:c8:60:75:c4:b0:dd:32:c4:a4:2a:b9:7e:fa:10:f4:
9c:60:c1:39:29:39:10:ce:a0:60:43:25:50:a7:d1:c7:e1:36:
e5:d4:9b:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXEfWY+rg80XFMrsdcgGh2ZIVLy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMTdaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyZDU3NmE2N2E3ZWE3ZjE1ZTQxYTZiYTZkODJlMmUyMWMxNDQ0ODA0MzU0
ZWI0YTEyNjhmYWNiNGM3OTY2ZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMln8nury54CTfFRObeqc8DJlptQZn8mg9fMSwHhYCC1bvw57ItkIMwP/fa3
6zlHR9BfL2jAVFCHgAb8ptc56TFbD5Gts/zaiCmoErp7Az/aveAsU02rocPMGh/n
lzVdaWBMvTQhFjOBUQd2OJs1oVrsEuUq7jCJ+wYThe0ALyzSVlP1408v727rP6dv
KMsBpmSnc97jsnI4iERZPGMHKP7J/dqol9DO7sU8T/lt8nGTVuOGNi1bUPmDhKyg
l24Frwp6EsWC41GSf4BGGTlk+rESu/WvxjOjhfA/8BSibLQyl9a3ot7hQPcDfZ+2
T7FYnresRKW6sbTl6PBxYDlDjjcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQL4Bo
qG5bcVhX9cvxlBQU3Ew7ATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQBEolSfxrfEcb/MKHVowcLIzrDUJQ+3Q0JumepwN++A
7ZeT0Rvspo75y87mbl8GxBp2i2DYsBw09yhQy7EhmTRyYtHGcgIS546UTCysX6Ev
lmExdL48pFOSHPN5qavYPEoXq8zNlT55ALei+ZyUaqrEbdH41SzLSDbIutOE8q2Q
cGNWG7RWDaJEgZ2TIHROkeyIHzTVUMvIdoy8aFhHfSs/cXmeNKvZDkVCFJ4NjSS+
wyubr7qWMRSSpExaxfDTFgR9vx7C4TBOdMpTw82BJdvacH6ITmmADjugcZPIYHXE
sN0yxKQquX76EPScYME5KTkQzqBgQyVQp9HH4Tbl1Jvm
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:40:10 2025 by rpki-client